X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslurpd%2Fconfig.c;h=71934ce59efc95a1555eb6720e3063d7254a51c9;hb=4abbf9c610d4fbaeee0dbdceaad1e0f94ed8e8fe;hp=1df612324005a4dfa56b056644991200f7cd96e6;hpb=4319e67736dcb2f0f4acb88dbb65ceb2978862fe;p=openldap
diff --git a/servers/slurpd/config.c b/servers/slurpd/config.c
index 1df6123240..71934ce59e 100644
--- a/servers/slurpd/config.c
+++ b/servers/slurpd/config.c
@@ -1,6 +1,20 @@
 /* $OpenLDAP$ */
-/*
- * Copyright (c) 1996 Regents of the University of Michigan.
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Portions Copyright 2003 Mark Benson.
+ * Portions Copyright 2002 John Morrissey.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
+ */
+/* Portions Copyright (c) 1996 Regents of the University of Michigan.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
@@ -10,6 +24,13 @@
 * software without specific prior written permission. This software
 * is provided ``as is'' without express or implied warranty.
 */
+/* ACKNOWLEDGEMENTS:
+ * This work was originally developed by the University of Michigan
+ * (as part of U-MICH LDAP). Additional signficant contributors
+ * include:
+ * John Morrissey
+ * Mark Benson
+ */
 /*
@@ -25,25 +46,28 @@ #include #include -#include #include +#include #include "slurp.h" #include "globals.h" -#define MAXARGS 100 +#define ARGS_STEP 512 /* Forward declarations */ static void add_replica LDAP_P(( char **, int )); static int parse_replica_line LDAP_P(( char **, int, Ri *)); -static void parse_line LDAP_P(( char *, int *, char ** )); +static void parse_line LDAP_P(( char * )); static char *getline LDAP_P(( FILE * )); static char *strtok_quote LDAP_P(( char *, char * )); +int cargc = 0, cargv_size = 0; +char **cargv; /* current config file line # */ static int lineno; - +char *slurpd_pid_file = NULL; +char *slurpd_args_file = NULL; /* * Read the slapd config file, looking only for config options we're @@ -57,8 +81,11 @@ slurpd_read_config( { FILE *fp; char *line; - int cargc; - char *cargv[MAXARGS]; + + if ( cargv == NULL ) { + cargv = ch_calloc( ARGS_STEP + 1, sizeof(*cargv) ); + cargv_size = ARGS_STEP + 1; + } Debug( LDAP_DEBUG_CONFIG, "Config: opening config file \"%s\"\n", fname, 0, 0 ); @@ -77,7 +104,7 @@ slurpd_read_config( Debug( LDAP_DEBUG_CONFIG, "Config: (%s)\n", line, 0, 0 ); - parse_line( line, &cargc, cargv ); + parse_line( line ); if ( cargc < 1 ) { fprintf( stderr, "line %d: bad config line (ignored)\n", lineno ); 
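Review bot: `cargc`, `cargv_size` and `cargv` are added at file scope without `static`, right next to `lineno`, which is `static`; unless another translation unit needs them (none is visible in this diff) they should read `static int cargc = 0, cargv_size = 0;` and `static char **cargv;`. The same names are used as parameters of `parse_replica_line()` later in this diff, so inside that function the globals are shadowed, which is easy to misread. A short comment above the declarations stating that `parse_line()` fills them and that every nested `slurpd_read_config()` call overwrites them would record what is presumably the reason the `include` branch copies the file name before recursing.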
@@ -104,11 +131,79 @@ slurpd_read_config( lineno, cargv[1] ); fprintf( stderr, "line (ignored)\n" ); } + LUTIL_SLASHPATH( cargv[1] ); strcpy( sglob->slapd_replogfile, cargv[1] ); } } else if ( strcasecmp( cargv[0], "replica" ) == 0 ) { add_replica( cargv, cargc ); - } + + /* include another config file */ + } else if ( strcasecmp( cargv[0], "include" ) == 0 ) { + char *savefname; + int savelineno; + + if ( cargc < 2 ) { + Debug( LDAP_DEBUG_ANY, + "%s: line %d: missing filename in \"include \" line\n", + fname, lineno, 0 ); + + return( 1 ); + } + LUTIL_SLASHPATH( cargv[1] ); + savefname = strdup( cargv[1] ); + savelineno = lineno; + + if ( slurpd_read_config( savefname ) != 0 ) { + return( 1 ); + } + + free( savefname ); + lineno = savelineno - 1; + + } else if ( strcasecmp( cargv[0], "replica-pidfile" ) == 0 ) { + if ( cargc < 2 ) { + Debug( LDAP_DEBUG_ANY, + "%s: line %d: missing file name in \"replica-pidfile \" line\n", + fname, lineno, 0 ); + + return( 1 ); + } + + LUTIL_SLASHPATH( cargv[1] ); + slurpd_pid_file = ch_strdup( cargv[1] ); + + } else if ( strcasecmp( cargv[0], "replica-argsfile" ) == 0 ) { + if ( cargc < 2 ) { + Debug( LDAP_DEBUG_ANY, + "%s: line %d: missing file name in \"argsfile \" line\n", + fname, lineno, 0 ); + + return( 1 ); + } + + LUTIL_SLASHPATH( cargv[1] ); + slurpd_args_file = ch_strdup( cargv[1] ); + + } else if ( strcasecmp( cargv[0], "replicationinterval" ) == 0 ) { + int c; + if ( cargc < 2 ) { + Debug( LDAP_DEBUG_ANY, "%s: line %d: missing interval in " + "\"replicationinterval \" line\n", + fname, lineno, 0 ); + return( 1 ); + } + + c = atoi( cargv[1] ); + if( c < 1 ) { + Debug( LDAP_DEBUG_ANY, "%s: line %d: invalid interval " + "(%d) in \"replicationinterval \" line\n", + fname, lineno, c ); + + return( 1 ); + } + + sglob->no_work_interval = c; + } } fclose( fp ); Debug( LDAP_DEBUG_CONFIG, 
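Review bot: The new `include` branch calls `slurpd_read_config()` recursively with no depth limit, so a config file that includes itself, directly or through a chain, keeps nesting until descriptors or stack run out; a file-scope `static int` depth counter checked against a small limit would bound it (the fence calls them `include_depth` and `MAX_INCLUDE_DEPTH`, both proposed names). Every new `return( 1 )` in this hunk also leaves the current `fp` open, and the failed-include path leaks `savefname`, which comes from an unchecked `strdup()`. In the `replicationinterval` branch `atoi()` accepts trailing junk such as `10x` and is undefined on overflow; `strtol()` with an end-pointer and `ERANGE` check would reject both. The function starts and ends outside the hunk, so how callers treat the non-zero return is not visible here.

```c
	/* include another config file */
	} else if ( strcasecmp( cargv[0], "include" ) == 0 ) {
		char *savefname;
		int savelineno;
		int rc;

		/* … unchanged: cargc < 2 check (should also fclose( fp ) before returning) … */

		if ( include_depth >= MAX_INCLUDE_DEPTH ) {
			Debug( LDAP_DEBUG_ANY,
				"%s: line %d: include nesting too deep\n",
				fname, lineno, 0 );
			fclose( fp );
			return( 1 );
		}

		LUTIL_SLASHPATH( cargv[1] );
		savefname = strdup( cargv[1] );
		if ( savefname == NULL ) {
			fclose( fp );
			return( 1 );
		}
		savelineno = lineno;

		include_depth++;
		rc = slurpd_read_config( savefname );
		include_depth--;
		free( savefname );

		if ( rc != 0 ) {
			fclose( fp );
			return( 1 );
		}
		lineno = savelineno - 1;
```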
@@ -125,19 +220,30 @@ slurpd_read_config( */ static void parse_line( - char *line, - int *argcp, - char **argv + char *line ) { char * token; - *argcp = 0; + cargc = 0; for ( token = strtok_quote( line, " \t" ); token != NULL; - token = strtok_quote( NULL, " \t" ) ) { - argv[(*argcp)++] = token; + token = strtok_quote( NULL, " \t" ) ) + { + if ( cargc == cargv_size - 1 ) { + char **tmp; + tmp = ch_realloc( cargv, (cargv_size + ARGS_STEP) * + sizeof(*cargv) ); + if (tmp == NULL) { + cargc = 0; + return; + } + cargv = tmp; + cargv_size += ARGS_STEP; + } + + cargv[cargc++] = token; } - argv[*argcp] = NULL; + cargv[cargc] = NULL; } @@ -174,12 +280,12 @@ strtok_quote( } else { inquote = 1; } - SAFEMEMCPY( next, next + 1, strlen( next + 1 ) + 1 ); + AC_MEMCPY( next, next + 1, strlen( next + 1 ) + 1 ); break; case '\\': if ( next[1] ) - SAFEMEMCPY( next, next + 1, strlen( next + 1 ) + 1 ); + AC_MEMCPY( next, next + 1, strlen( next + 1 ) + 1 ); next++; /* dont parse the escaped character */ break; @@ -228,13 +334,17 @@ getline( CATLINE( buf ); while ( fgets( buf, sizeof(buf), fp ) != NULL ) { if ( (p = strchr( buf, '\n' )) != NULL ) { - *p = '\0'; + if( p > buf && p[-1] == '\r' ) --p; + *p = '\0'; } lineno++; if ( ! isspace( (unsigned char) buf[0] ) ) { return( line ); } + /* change leading whitespace to space */ + buf[0] = ' '; + CATLINE( buf ); } buf[0] = '\0'; @@ -299,7 +409,7 @@ add_replica( * Parse a "replica" line from the config file. replica lines should be * in the following format: * replica host= binddn= - * bindmethod="simple|kerberos" credentials= + * bindmethod="simple" credentials= * * where: * describes the host name and port number where the 
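Review bot: In `parse_line()` a failed `ch_realloc()` sets `cargc = 0` and returns with no diagnostic, so the caller reports the directive only as `bad config line (ignored)` and keeps going; a long `replica` line could be dropped this way without the operator learning the cause. Printing the reason before the return, e.g. `fprintf( stderr, "line %d: out of memory growing argument vector\n", lineno );`, and setting `cargv[0] = NULL;` would make the failure visible and leave the vector terminated. The hunk that allocates `cargv` in `slurpd_read_config()` does not check `ch_calloc()` at all, so the two sites should agree on whether the `ch_` allocators can return NULL; their definitions are not part of this diff.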
@@ -307,12 +417,10 @@ add_replica( * * is the DN to bind to the replica slapd as, * - * bindmethod is either "simple" or "kerberos", and + * bindmethod is "simple", and * * are the credentials (e.g. password) for binddn. are - * only used for bindmethod=simple. For bindmethod=kerberos, the - * credentials= option should be omitted. Credentials for kerberos - * authentication are in the system srvtab file. + * only used for bindmethod=simple. * * The "replica" config file line may be split across multiple lines. If * a line begins with whitespace, it is considered a continuation of the @@ -322,6 +430,8 @@ add_replica( #define GOT_DN 2 #define GOT_METHOD 4 #define GOT_ALL ( GOT_HOST | GOT_DN | GOT_METHOD ) +#define GOT_MECH 8 + static int parse_replica_line( char **cargv, @@ -332,10 +442,17 @@ parse_replica_line( int gots = 0; int i; char *hp, *val; + LDAPURLDesc *ludp; for ( i = 1; i < cargc; i++ ) { - if ( !strncasecmp( cargv[ i ], HOSTSTR, strlen( HOSTSTR ))) { - val = cargv[ i ] + strlen( HOSTSTR ) + 1; + if ( !strncasecmp( cargv[ i ], HOSTSTR, sizeof( HOSTSTR ) - 1 ) ) { + if ( gots & GOT_HOST ) { + fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " ); + fprintf( stderr, "file, too many host or uri names specified, line %d\n", + lineno ); + return -1; + } + val = cargv[ i ] + sizeof( HOSTSTR ); /* '\0' string terminator accounts for '=' */ if (( hp = strchr( val, ':' )) != NULL ) { *hp = '\0'; hp++; 
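Review bot: The format comment above `parse_replica_line()` now documents only `bindmethod="simple"`, while the same commit makes the parser accept a SASL bind method and a set of new keywords (the URISTR, STARTTLSSTR/TLSSTR, SASLMECHSTR, SECPROPSSTR, REALMSTR, AUTHCSTR and AUTHZSTR branches in the later hunk). The comment should list those options and state that a SASL bind requires the mechanism keyword, which the final check of the function enforces. It should also say what a value other than CRITICALSTR means for the TLS keywords, since the code maps every other value to `TLS_ON`.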
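Review bot: The keyword match compares only the first `sizeof( HOSTSTR ) - 1` characters and then skips `sizeof( HOSTSTR )` bytes without checking that the skipped byte is `=`. A token that is just the bare keyword makes `val` point one byte past its terminator, and a longer word that merely starts with the keyword is accepted with its tail read as the value; this assumes HOSTSTR is the keyword without the `=`, as the inline comment implies. A guard such as `if ( cargv[ i ][ sizeof( HOSTSTR ) - 1 ] != '=' ) { /* report malformed option */ return -1; }` before computing `val` closes both cases. The same pattern repeats in every keyword branch of the following hunk, and the function body continues outside this one.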
@@ -346,44 +463,105 @@ parse_replica_line( } ri->ri_hostname = strdup( val ); gots |= GOT_HOST; + } else if ( !strncasecmp( cargv[ i ], URISTR, sizeof( URISTR ) - 1 ) ) { + if ( gots & GOT_HOST ) { + fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " ); + fprintf( stderr, "file, too many host or uri names specified, line %d\n", + lineno ); + return -1; + } + if ( ldap_url_parse( cargv[ i ] + sizeof( URISTR ), &ludp ) != LDAP_SUCCESS ) { + fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " ); + fprintf( stderr, "file, bad uri format specified, line %d\n", + lineno ); + return -1; + } + if (ludp->lud_host == NULL) { + fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " ); + fprintf( stderr, "file, missing uri hostname, line %d\n", + lineno ); + return -1; + } + ri->ri_hostname = strdup ( ludp->lud_host ); + ri->ri_port = ludp->lud_port; + ri->ri_uri = strdup ( cargv[ i ] + sizeof( URISTR ) ); + ldap_free_urldesc( ludp ); + gots |= GOT_HOST; + } else if ( !strncasecmp( cargv[ i ], + ATTRSTR, sizeof( ATTRSTR ) - 1 ) ) { + /* ignore it */ ; + } else if ( !strncasecmp( cargv[ i ], + SUFFIXSTR, sizeof( SUFFIXSTR ) - 1 ) ) { + /* ignore it */ ; + } else if ( !strncasecmp( cargv[i], STARTTLSSTR, sizeof(STARTTLSSTR)-1 )) { + val = cargv[ i ] + sizeof( STARTTLSSTR ); + if( !strcasecmp( val, CRITICALSTR ) ) { + ri->ri_tls = TLS_CRITICAL; + } else { + ri->ri_tls = TLS_ON; + } + } else if ( !strncasecmp( cargv[ i ], TLSSTR, sizeof( TLSSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( TLSSTR ); + if( !strcasecmp( val, CRITICALSTR ) ) { + ri->ri_tls = TLS_CRITICAL; + } else { + ri->ri_tls = TLS_ON; + } } else if ( !strncasecmp( cargv[ i ], - BINDDNSTR, strlen( BINDDNSTR ))) { - val = cargv[ i ] + strlen( BINDDNSTR ) + 1; + BINDDNSTR, sizeof( BINDDNSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( BINDDNSTR ); ri->ri_bind_dn = strdup( val ); gots |= GOT_DN; } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR, - strlen( BINDMETHSTR ))) { - 
val = cargv[ i ] + strlen( BINDMETHSTR ) + 1; + sizeof( BINDMETHSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( BINDMETHSTR ); if ( !strcasecmp( val, KERBEROSSTR )) { -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - ri->ri_bind_method = AUTH_KERBEROS; - if ( ri->ri_srvtab == NULL ) { - ri->ri_srvtab = strdup( sglob->default_srvtab ); - } - gots |= GOT_METHOD; -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ fprintf( stderr, "Error: a bind method of \"kerberos\" was\n" ); - fprintf( stderr, "specified in the slapd configuration file,\n" ); - fprintf( stderr, "but slurpd was not built with kerberos.\n" ); - fprintf( stderr, "You must rebuild the LDAP release with\n" ); - fprintf( stderr, "kerberos support if you wish to use\n" ); - fprintf( stderr, "bindmethod=kerberos\n" ); + fprintf( stderr, "specified in the slapd configuration file.\n" ); + fprintf( stderr, "slurpd no longer supports Kerberos.\n" ); exit( EXIT_FAILURE ); -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ } else if ( !strcasecmp( val, SIMPLESTR )) { - ri->ri_bind_method = AUTH_SIMPLE; + ri->ri_bind_method = LDAP_AUTH_SIMPLE; + gots |= GOT_METHOD; + } else if ( !strcasecmp( val, SASLSTR )) { + ri->ri_bind_method = LDAP_AUTH_SASL; gots |= GOT_METHOD; } else { ri->ri_bind_method = -1; } - } else if ( !strncasecmp( cargv[ i ], CREDSTR, strlen( CREDSTR ))) { - val = cargv[ i ] + strlen( CREDSTR ) + 1; + } else if ( !strncasecmp( cargv[ i ], + SASLMECHSTR, sizeof( SASLMECHSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( SASLMECHSTR ); + gots |= GOT_MECH; + ri->ri_saslmech = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + CREDSTR, sizeof( CREDSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( CREDSTR ); ri->ri_password = strdup( val ); - } else if ( !strncasecmp( cargv[ i ], BINDPSTR, strlen( BINDPSTR ))) { - val = cargv[ i ] + strlen( BINDPSTR ) + 1; - ri->ri_principal = strdup( val ); - } else if ( !strncasecmp( cargv[ i ], SRVTABSTR, strlen( SRVTABSTR ))) { - val = cargv[ i ] + strlen( SRVTABSTR ) + 1; + } 
else if ( !strncasecmp( cargv[ i ], + SECPROPSSTR, sizeof( SECPROPSSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( SECPROPSSTR ); + ri->ri_secprops = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + REALMSTR, sizeof( REALMSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( REALMSTR ); + ri->ri_realm = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + AUTHCSTR, sizeof( AUTHCSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( AUTHCSTR ); + ri->ri_authcId = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + OLDAUTHCSTR, sizeof( OLDAUTHCSTR ) - 1 ) ) { + /* Old authcID is provided for some backwards compatibility */ + val = cargv[ i ] + sizeof( OLDAUTHCSTR ); + ri->ri_authcId = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + AUTHZSTR, sizeof( AUTHZSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( AUTHZSTR ); + ri->ri_authzId = strdup( val ); + } else if ( !strncasecmp( cargv[ i ], + SRVTABSTR, sizeof( SRVTABSTR ) - 1 ) ) { + val = cargv[ i ] + sizeof( SRVTABSTR ); if ( ri->ri_srvtab != NULL ) { free( ri->ri_srvtab ); } @@ -394,11 +572,18 @@ parse_replica_line( cargv[ i ] ); } } - if ( gots != GOT_ALL ) { - fprintf( stderr, "Error: Malformed \"replica\" line in slapd " ); - fprintf( stderr, "config file, line %d\n", lineno ); - return -1; - } + + if ( ri->ri_bind_method == LDAP_AUTH_SASL) { + if ((gots & GOT_MECH) == 0) { + fprintf( stderr, "Error: \"replica\" line needs SASLmech flag in " ); + fprintf( stderr, "slapd config file, line %d\n", lineno ); + return -1; + } + } else if ( gots != GOT_ALL ) { + fprintf( stderr, "Error: Malformed \"replica\" line in slapd " ); + fprintf( stderr, "config file, line %d\n", lineno ); + return -1; + } return 0; }
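Review bot: In the STARTTLSSTR and TLSSTR branches any value that is not CRITICALSTR, including an empty or misspelt one, sets `ri->ri_tls = TLS_ON`, so a typo in the critical setting is silently accepted as what is presumably the non-mandatory mode; unrecognised values should be reported and rejected like the other malformed-option cases. In the URISTR branch the `lud_host == NULL` path returns without releasing the parsed URL; add `ldap_free_urldesc( ludp );` before that `return -1;`. The new `strdup()` results (`ri_uri`, `ri_saslmech`, `ri_secprops`, `ri_realm`, `ri_authcId`, `ri_authzId`) are unchecked, and a repeated keyword overwrites the earlier copy without freeing it, unlike the `ri_srvtab` branch.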
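Review bot: When the bind method is SASL the final check tests only `GOT_MECH`, so a `replica` line with no host or uri option passes validation and `ri_hostname` keeps whatever value it had before the loop. Requiring the host bit in both arms, e.g. `if ( (gots & GOT_HOST) == 0 ) { /* report */ return -1; }` ahead of the method test, restores the guarantee the old `gots != GOT_ALL` check gave. In the other arm, `gots != GOT_ALL` now also rejects a simple-bind line that happens to carry a mechanism keyword, because `GOT_MECH` lies outside `GOT_ALL`; `(gots & GOT_ALL) != GOT_ALL` expresses the intended test. The start of the function is outside this hunk.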